Slashdot Mirror

← Back to Stories (view on slashdot.org)

Aussie Uni Dumps Dual-Boot In Favor of Linux

Posted by ryuzaki0 on from the greater-good dept.

kNIGits writes "News.com.au is reporting that the University of Wollongong have dumped their previously dual-boot installations in favour of booting Linux only. Among other reasons, staff enjoy the ease with which they can 'lock down' first year students, stopping them messing with the systems prior to learning anything about them."

25 of 344 comments (clear)

  1. Hehehehe... by Pig+Hogger · · Score: 5, Interesting
    Linux to lock down... Who'd have thought...

    I've met a tech who was working for a high-school, and 90% of his time was used in fixing Windoze computers after students messed-up with them. That changed when they installed some cards (don't remember the name of the cards) with RAM on them that effectively made the hard disks read-only, and stored in RAM whatever was written on the hard-disks.

    So, whenever a PC was screwed-up, all you did was power-cycle it once!

    1. Re:Hehehehe... by Jester998 · · Score: 5, Informative

      The cards you're thinking of are often called "Sheriff Cards".

      Apparently they have them in my old high school now. Poor kids... hacking the network was one of the more fun things about high school. :)

    2. Re:Hehehehe... by ChrisBennett · · Score: 5, Informative

      There is a software solution for Windows called DeepFreeze. It works very well. I love seeing the look on faces when they delete random .dlls or change wallpaper only to find that they magically re-appear when the system reboots.

    3. Re:Hehehehe... by Feztaa · · Score: 5, Informative

      Older versions of DeepFreeze were pretty funny. Set the system clock sufficiently far into the future, and it magically crashed. The first thing you do after that is delete DeepFreeze, and you have no more DeepFreeze problem ;)

    4. Re:Hehehehe... by Black+Copter+Control · · Score: 5, Informative
      Either way, PE is a lot easier, as well as the numerous other packages avail., than re-OSing the campus, or installing hardware into every machine.

      Windows was originally designed around the presumption that there was really only one user on the system, and that user could/should do whatver (s)he wanted. To that was added the eventual realization that Oops! That's not always the case.

      This has resulted in the back-ending of all sorts of security hacks onto what is still, essentially, a single-user system. A side effect of this is all sorts of special cases and wierd holes in the design of Windows that results in the need for things like PE.

      Unix, on the other hand was designed as a multi-user system almost from day one. In this context, a single user system is simply the special case of N==1. Locking down a Linux system requires little more than putting passwords on GRUB and the CMOS editor, and possibly pulling the setuid bit from some questionable binaries. Once that's done, there's little that a non-root user can do beyond trashing their own account, or various DOS type stupidities (which can often be responded to by a good sysadmin).

      Beyond that, the ability to prevent first-year stupidity is only one of the reasons why Linux was chosen as the standard for first-year students. Not having to worry about being sued when the students post the source code that you gave them (under some sort of non-disclosure agreement) on the net when asking for an answer to a question is another. Multiple GUI desktops, extensibility and totally free access to the source code are some of the others.

      --
      OS Software is like love: The best way to make it grow is to give it away.
  2. UNSW by Slurpee · · Score: 5, Interesting

    The Uni of New South Wales Computer Science and Engineering department has been running unix/linux for years, no duel boot.

    8 years ago it was Sun Solaris.

    5 Years ago they moved to Intel Solaris

    Now they have (or are) moving to Intel Linux.

    anyway, good stuff at Uni of Wollongong.

  3. Another Solution - Windows Policy Editor by RaboKrabekian · · Score: 5, Informative

    I'm not fully versed in all its wonders, but the Windows Policy Editor (or whatever its called now) can completely lock down a machine. It's a vastly underutilized tool for environments where you don't want users messing with the machines. I remember getting annoyed the first time I sat down at a box which wouldn't let me even look at the start menu. Any and all Windows admins should look in to its proper use in their environment.

    --
    "Moderate drinking can help prevent amputated limbs" -- Abigail Zuger, NYTimes, 12/31/02
    1. Re:Another Solution - Windows Policy Editor by mferrare · · Score: 4, Interesting
      But consider how much you have to piss-fart aoround with WPE to get a good config - partially because no-one uses it - and compare that with 'locking down' a linux box ie:
      • secure it - and most linuxes are reasonably secure out-the-box these days
      • set a strong root password. Give the students limited sudo access if necessary
      • Probably a little bit of hardware stuff (disable floppy booting etc)
      • Maybe setting up a restricted shell or GUI environment
      But basically, students would be pretty safe on a linux box without root access. And it's simple and well-known to set up. Compare that with Windows Policy Editor. Does anyone really use it? Maybe a few but I'm sure it's not as well documented or as well tested and probably not as robust as simply locking out root access to a linux box.
      --
      Why would anyone want to use a text editor that is not vi?
    2. Re:Another Solution - Windows Policy Editor by foo+fighter · · Score: 4, Informative

      Windows Policy Editor was used for the 9x/Me series.

      Starting with Windows 2000, admins have access to "Group Policy". Essentially, any user interface setting -- and most system settings -- can be controlled via this either on the local machine or remotely.

      Group Policy kicks ass. You can completely lock down a machine so that cmd.exe doesn't work no matter what and the only .exe's that do work are the ones you specify. You can let the user specify their Display preferences, but nothing else. Or everything except the Display preferences. The point is, Linux has nothing to compare with this.

      The fact is, under Windows 2000 (and XP), administrators have never had an easier time setting up, controlling, troubleshooting, and fixing a user's desktop. If Linux had anything to easier to compare to this I'd be using it (admins being essentially lazy).

      At length, I've evaluated Redhat, Suse, Caldera, Debian, FreeBSD, OpenBSD, and Mac OS X. (At length means ~40 hours on each setting up desktops and administrative consoles and testing things out.)

      I have many Redhat machines running on servers at work. I have a Yellow Dog machine running my web site and email and OpenBSD running my router at home.

      The FACT is no one has a better way to administrate and trouble-shoot end-user desktops than Microsoft right now.

      --
      obviously no deficiencies vs. no obvious deficiencies
    3. Re:Another Solution - Windows Policy Editor by mystran · · Score: 5, Informative
      There also another view. In windows you have to options: either you allow people to do everything or you allow them to do nothing. The policy editor just stops working once you allow someone to run an .exe from his desktop since he can break the system (with one of the numerous exploit that for example the GUI gives you).

      In Linux (and unix in general) you can allow people to do almost anything with their own account. If they mess their homedir (and it's quite unlikely to get your personal stuff to the point you can't login at all by accident), just clean it by resetting the configfile that breaks the thing.

      You can have people run custom window managers, code their own software (even that damn window manager), whatever, if they happen to know how, while at the same time making sure they don't mess the system up if they don't.

      Now, imagine that user has to do some task, and they have messed up their configs. Now on Windows you either repair their profile (which can take quite a time if you can't login as them, if possible at all) or take backup of files, create new profile and copy the files over, on linux you just throw the default configs to their homedir and all you lose are few hacks in some files (say .bash_profile/.bashrc or may .Xsession)

      About the config thing.. if you setup linux in ~40 hours (for shared use) you are pretty fast. If you can do the same (in ~40 hours) for Windows you are superman. Start counting from when you get few hundred PCs with blank harddrives, with no images ready, etc..

      And once you get new systems with different hardware you have to do it again :) With linux you dump the same image and switch either kernel or module config.

      Windows has it's strong points, but administration isn't one of them. At least if you are trying to do it well. In a Uni even "we are not mission critical, we don't need the best security" isn't argument, since what would better target for a hacker than a Uni with a lots of computers and students doing all kind of things with irregular patterns.

      Btw, the Windows 9x/ME policy system is a joke :) If you can't get past it whily you can still do something with the system, you probably shouldn't be securing anything ;-)

      --
      Software should be free as in speech, but if we also get some free beer, all the better.
  4. People read the article! by Mustang+Matt · · Score: 5, Interesting

    By locking down, I think they mean students can go in and randomly format the drive like they could in a stock Win9x setup.

    They also mention that they like linux because it's easy to give to students. They don't have to worry about costs or licensing, they just hand the students a CD and they're on their way.

    "We'd rather explain how things work. We do that by taking things apart and putting them back together again, rather than just showing people how to use particular GUIs that other people have designed. It's our belief that open-source software better explains those concepts," he said.

    That seems pretty logical to me. The article really wasn't about taking away freedom at all.

    --
    The man who trades freedom for security does not deserve nor will he ever receive either. - Benjamin Franklin
  5. Windows Policy Editor - could it be any worse?? by dan_barrett · · Score: 5, Informative

    Yes, you *could* use windows policy editor, but there are some major issues with it (having just locked down a standalone windows box for kiosk use I'm well versed in the pain of poledit for Win 2000..)

    Note that policy editor is now primarily designed for a computer in a Active directory tree - without active directory you have to edit a "local" policy, ie edit the registry directly.

    A disclaimer: maybe an active directory policy is nicer to play with, I don't know - local policies were enought of a pain for me as it was..

    here's the fun with local policies..
    firstly - the policies affect ALL users, INCLUDING the administrator. (WTF?!?!? you say?) so.. lock out all registry tools, disable "command prompt" and run on the start menu - and you're screwed - no more windows administration. time to reformat the box. (or at least attempt to "rescue disk" it..

    second - policies quite often are applied in REAL TIME. hmm.. disable registry editing.. (screen flashes) - oh bugger, policy editor has stopped working..

    The way to get around this is to remove access to the %winnt%/system32/GroupPolicy dir for the administrator (that's right, you remove access to the root user to prevent the policy applying to that user.) of course, this dir has to be accessible to make any changes. And the changes apply immediately. Forget to reapply the restictions to the admin user and it's reformat time, again.

    if you want to use policy editor I suggest having a recovery cd lying around, as I guarantee you *will* be locked out of your system, unless you're extremely careful.

    I love windows security, it rocks.

  6. Why use anything other than Linux for comp sci? by Omega · · Score: 5, Insightful
    When you think about it, Linux really is the best operating system for comp. sci students. It offers open source access to the kernel, so you can see the actual code for the operating system and how it interacts with many different types of hardware. Also you have low level access to many devices through the dev. tree so you can teach device programming methods. Not to mention the fact that the primary unix networking protocol (TCP/IP) is the same protocol that runs the internet. What better way to gain an understanding of packet based protocols than by experimenting with BSD sockets? "The Unix Time Sharing System" by Dennis Richie is one of the most elegant descriptions of an operating system that I have ever read. And by working with the text and the operating system together, students can gain a fundamental understanding of many basic low level concepts in modern computers.

    If all you want is to be an MCSE, then why waste you time with college? You can take a weekend course for a few hundred bucks (instead of 4+ years for several thousand dollars). This quote from the article by Dr. Chris McDonald of UWA pretty much sums it up:

    "Personally, I think that just showing students how to use operating systems tools and networking tools, is more training than education.
    Exactly. Showing someone how to point and click isn't teaching them anything. It's only training them how to use someone else's tools (and there are books that can teach you that in 24 hours). Real computer science education, where you gain a fundamental understanding of both high and low level concepts of the computer requires more than just clicking a start button.
  7. Slashdot Social Experiment by kNIGits · · Score: 5, Interesting

    People have been saying for years that Slashdotters don't read the article, so I thought that I'd test the theory. I'd submitted the story and highlighted something insignificant about the article in the submission. Browsing through this page, I see lots of people discussing merely what I wrote at the top - 'locking down' students. If people actually read the article, they'd see that it was more about teaching software development in an open source environment, and also the fact that they can give free Linux cds to the students to replicate their training systems at home.

    What I'd like to know is - how can the Slashdot Effect exist when no-one clicks through to read the article?

    This karma-reducing social experiment was proudly brought to you by kNIGits in Australia.

  8. Re: Windows Policy Editor - could it be any worse? by agallagh42 · · Score: 4, Informative

    Just because you don't know how to use a tool, doesn't make that tool bad.

    A properly configured local policy can lock down exactly what you want to lock down, and affect only the users you want it to affect.

    Also, in Active Directory, you use things called "Group Policy Objects" to apply policies to workstations, and it's WAY more powerful than local policies.

    Go here for an overview of GPOs.

    --
    Carpe Cerevisi - Seize the Beer
  9. Don't fixate! Read! Read! by BiOFH · · Score: 4, Interesting

    It is making ground in IT courses because Linux is both easy to lock-down, easy to pull apart and offers simple licensing for distribution to students.

    Please stop fixating on the whole locking down bit!
    Timothy craftily negelected to list anything but the potentially inflammatory and sensational 'lock down' phrase. It's EASIER for them to use Linux (and makes more sense and it's CHEAPER), not "they can't lock down Windows". These are newbies who DO know how to fuck up a Window machine pronto. They'll have to do some learning before they can pull a good cock up of their Linux box. And since this is a Uni, students learning is kind of high on their list of 'things we want to happen'.

    And please take note this is not the whole Uni. My girlfriend works there and she (and her whole department) uses Macs. But it is a step, IMHO, in the right direction for UOW.

    --
    - I am made of meat.
  10. As someone at an Australian university... by CaptainPotato · · Score: 4, Insightful
    ...who wishes to do convince the IT powers that be to do the same, I am very happy to hear about other institutions that are doing the same. Whilst there remains a need for Windows-based machines, Macs, and whatever else is used, there are many compelling reasons for switching to Linux - these are just a few I have (whilst on University time...).

    1. Control. Whilst I would normally shudder at the thought of restricting IT access, I do appreciate UOW's desire to better manage their machines. We recently had some new machines running Win2k installed in my area, and within a day, one was in poor shape thanks to a particular idiot installing the latest Windows Media Player version on it and somehow stuffing up the OSA installation. He was able to so do thanks to the IT stroke of genius of giving everyone admin access. Whilst this may be an human issue rather than an OS one, every bit helps :)

    2. Cost. We are all aware of the studies that compare the cost of Linux to other OSes. In any case, regardless of the outcome, I do know that my insitution will be spending multiple millions per year (as of next year) for desktop software licences for MS products because of the new licence arrangements. In a country that has mounting financial challenges in university funding, alternatives to MS software need to be found.

    3. Ethics. Maybe this is too strong, but IMO it is not. Why should tapayer money be spent on making a single corporation (even) richer? A centre of teaching and research ought to have academic independence of multinational corporations.

    These are just a few, IMO, valid thoughts about the issue. Regardless, UOW deserves to be applauded for the initiative.

    --
    I heard that your library burnt down and destroyed your only two books - and one was not even coloured in yet.
  11. uow labs by Tristessa · · Score: 4, Interesting

    Being at UoW and knowing the people who did this I can't say it's a surprise. The only things that windows were really used for in those labs were software engineering type programs and Word/Excel for the first years and non-compsci people who used the lab.

    There are other compsci labs around that haven't been dual boot for longer than this. The article also doesn't mention anything about the proportion of CompSci(linux) machines compared the number of mac/wintel machines around the uni which I'd estimate at around 85-90%

    At least the compsci department support staff are always trying new things, actually being taking initiative about things. kudos guys. see you for a drink soon.

  12. Re:The article. by WaKall · · Score: 5, Interesting

    "Dr McDonald said in teaching open-source platforms to students it is important not to "just ram open-source issues down their throats. It's important to explain why there is a difference in philosophy, why it's reasonable to not to totally tread the path of one particular vendor, one particular monopoly."

    I wonder WHICH monopoly he refers to?

    I think it's important to teach skills and not languages. The platform shouldn't really matter. But what I read there is "we're gonna teach non-proprietary solutions". I don't think the OS matters for the undergrads.

    I learned programming on Solaris and later Linux, and honestly there's no real difference between them for 95% of what you do in school, since you are NOT administering the box, and the interesting tools are opensource, portable, and provided by the school - you just have to USE them. This probably holds true for BSD as well.

    I do believe that we shouldn't be teaching kids to develop in MSVC++ and MFC. I think that's god-awful - we should learn to use makefiles and know the dependencies in our code, and not waste time on things that aren't portable to our jobs, on a yet-to-be-determined platform.

  13. duel boot by Joakim+A · · Score: 5, Funny

    >The Uni of New South Wales Computer Science and
    >Engineering department has been running
    >unix/linux for years, no duel boot.

    Well, duel boot, that is something I would like to run. Just install windows and a few linux/BSD dists, turn on the machine and leave it over night. Then we finally could settle this thing.

    /J

    Ps My bet is on that spiky fish eventhough that little red bastard with the fork might be nasty. I mean, how hard can it be to beat a geek from redmond or a penguin? Hmm, could be a whole army of penguins of course, well that might get tricky.

    1. Re:duel boot by NoOneInParticular · · Score: 5, Funny
      I'm not sure about the geek from redmond, but before you belittle penguins, consider these words from Linus Torvalds:

      "Some people have told me they don't think a fat penguin really embodies the grace of Linux. Which just tells me they have never seen a angry penguin charging at them in excess of 100 mph. They'd be a lot more careful about what they say if they had."
  14. Just a Thought... by Hasie · · Score: 5, Insightful
    I see their point, and I agree that Linux has a place in any computer-related university curriculum as an introduction to UNIX (even ignoring the other advantagess it has), and I am a major Linux fan (to the point that I actually find Windows difficult to use).


    (You all know what comes next:) BUT, I don't think that Windows should be completely eliminated. Windows is still the de-facto standard in industry and universities owe it to their students to give them skills they can use. It is also essential that universities maintain neutrality in the sense that they do not give the impression that they are promoting one system over another - a university's role is to eductate and do research, not dictate what the world will do or follow current fads.


    Before everyone gets the wrong idea; I use the same argument to motivate the use of Linux at the university where I work (it is a very good way to teach students UNIX rather than only teaching them Windows). So what is needed is a balance.

  15. Going towards it here... by imevil · · Score: 5, Insightful

    At my school the math section has linux-only PCs for the students. The CS section has Solaris (SUN) and Windows-only machines, and they justified the no-linux by saying that the companies use Windows so no point in teaching Linux to the students. I think they got it all wrong: more and more companies are migrating to Linux, and in a couple of years there will be a need for Linux experts.

    GNUWin: open your Windows!

    1. Re:Going towards it here... by Peyna · · Score: 4, Insightful

      A CS degress means you know how it all works, but you don't have be an expert in any particular langauge, operating system, or application. Instead you should be able to easily adapt to a quickly changing field.

      For all we know, there may be some new radical ideas in the next few years that void the need to be an expert in Linux or Windows. What a horrible waste of time to work at perfecting a restricted set of skills for a proprietary system.

      --
      What?
  16. As a former lab tech... Re:Hehehehe... by Eneff · · Score: 5, Interesting

    I worked as a tech at a local high school for a year.

    I can tell you that the lab tech who obsesses over Quake is going to lose. You've got 0 budget and the products to secure the network are chosen by unqualified people who got the job of head of IT in the district because in 1985 they were teaching second grade and happened to tinker with an Apple II at home...

    The smart ones just secure against the stupid people and look for the smarter ones and bargain with them that you'll let them play quake if they keep out of the pr0n and viruses, and they kind of keep their eye out for stupid people trying to ruin it all for them.

    BTW, Rarely are the colleges any better. They have better heads of departments, but their main workers are CS students without the motivation to find a higher paying job in industry. (I generalize, of course, but I haven't seen many exceptions.)
    _____

    (OBTopic: nice win for Linux. I always thought that Linux might make a superior corporate solution for precisely these reasons. In a non-development environment, only a system administrator should be able to install an applicaition, for example.

    However, I know that Apple tried to play both sides of the fence as well, and they never had much success breaking into the desktop side of Multinationalica.)